Package: oprofile
Version: 0.9.6-1.3
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu oneiric ubuntu-patch
In Ubuntu, the attached patch was applied to achieve the following:
* SECURITY UPDATE: arbitrary file overwrite
- 0005-add-back-error_if_not_basename.patch: readd error_if_not_basename()
which was removed in 0003-Avoid-blindly-source-SETUP_FILE-with.patch
See http://www.openwall.com/lists/oss-security/2011/07/07/6 for details.
Thanks for considering the patch.
-- System Information:
Debian Release: squeeze/sid
APT prefers natty-updates
APT policy: (500, 'natty-updates'), (500, 'natty-security'), (500, 'natty')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-8-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- oprofile-0.9.6.orig/debian/patches/0005-add-back-error_if_not_basename.patch
+++ oprofile-0.9.6/debian/patches/0005-add-back-error_if_not_basename.patch
@@ -0,0 +1,19 @@
+Author: Jamie Strandboge <ja...@canonical.com>
+Description: add back error_if_not_basename() which was removed in
+ 0003-Avoid-blindly-source-SETUP_FILE-with.patch
+Forwarded: yes
+
+Index: oprofile-0.9.6/utils/opcontrol
+===================================================================
+--- oprofile-0.9.6.orig/utils/opcontrol 2011-07-07 10:58:26.000000000
-0500
++++ oprofile-0.9.6/utils/opcontrol 2011-07-07 10:58:35.000000000 -0500
+@@ -785,7 +785,8 @@
+ ;;
+
+ --save)
+- error_if_invalid_arg $arg $val
++ error_if_invalid_arg $arg $val
++ error_if_not_basename $arg $val
+ DUMP=yes
+ SAVE_SESSION=yes
+ SAVE_NAME=$val
